Here’s the first edition of a new Finextra long read series summarising the latest regulatory updates impacting the financial services, technology or fintech industries, and how financial market participants should mind the gap between the regulations that have
not fully caught up with the pace of innovation.
Payments
Payments services providers: After the release of a consultation paper, payments service providers in Australia must now apply for a Australian Financial Services Licence (AFSL)
within the first six months after its introduction. PSPs will be permitted 18 months to be licensed, and the underlying concept of ‘makes non-cash payments’ will be replaced with a ‘uses a payment product’ or similar, comprising either a payment product or
providing a payment service. The new ‘payment product’ will apply to traditional stored value facilities (SVFs), payment stablecoins, payment instruments, payment facilitation services and cross-border transfer services.
Startups
Innovation hubs and regulatory sandboxes: The three European Supervisory Authorities (EBA, EIOPA and ESMA – the
ESAs) released a report identifying the benefits and challenges related to the operation and design of innovation hubs and regulatory sandboxes, otherwise known as innovation facilitators. The report recognises that the last review was conducted in 2019
and the fintech industry has evolved substantially since then.
Markets
UK and Switzerland: To enhance the cross-border market access of financial services between the UK and Switzerland,
the Berne Financial Services Agreement has been made for mutual recognition of domestic laws and regulations. With the two of the world's leading financial centres coming together, open access will be increased, and regulatory barriers, reduced.
Wealth
Investment fraud: The International Organization of Securities Commissions (IOSCO) recently published a warning about the risk of online harm to retail investors from investment scams and frauds. The statement mentioned the growing sophistication
of technologies such as crypto-assets or artificial intelligence that bad actors are increasingly leveraging. The IOSCO called for regulators to respond holistically and innovatively, and for the online ecosystem to collaborate to tackle this issue.
Retail investment digitalisation: The European Securities and Markets Authority (ESMA) also published a discussion
paper on the recent surge in the usage of digital tools and social media by companies and retail investors after 2020. Retail investor behaviour and decision making was considered, and stakeholders are invited to submit their feedback to this paper by 14 March
2024.
Crime
Money laundering and terrorism financing: The European Council and European Parliament have
reached a provisional agreement on AMLA, the new European authority for countering money laundering and terrorism financing. AMLA will have supervisory powers over high-risk obliged entities in the financial sector, and a supporting role with respect to non-financial
sectors, and coordinate financial intelligence units in member states.
Money laundering and terrorism financing: AUSTRAC announced their plans to bolster the Australian financial system’s resilience
to money laundering, terrorism financing and other major crimes. The release also indicated that AML/CFT capabilities would be uplifted through increased education and supervision.
Security
Cybersecurity: The Financial Stability Oversight Council (FSOC) released its 2023 report, in which the US revealed their plans for increased resilience through reducing cyber
vulnerabilities such as ransomware, malware, DDOS attacks and data breaches. For the first time, FSOC also identified the use of AI in financial services as a vulnerability to the financial system, citing cyber and model risks. In addition to this, the Council
also called attention to nonbank financial intermediation, climate-related financial risk, and the cybersecurity risks that may arise from cryptoassets.
Crypto
CBDC architecture: The BIS’s Consultive Group on Innovation and the Digital Economy (CGIDE) released a report that outlined the technical requirements for a retail CBDC. These recommendations expect
to help curate a future proof-of-concept for a CBDC that will consider interoperability, scalability, user-centric design, security and data privacy.
Cryptoasset bank exposure: The Basel Committee on Banking Supervision (BCBS) issued a consultation on potential changes to the standard ruling over banks’ exposure to cryptoassets. This will ensure
that banks have adequate due diligence in place to understand the technology, its stability and the standard. Proposed amendments to the standard should be submitted to the BIS by 28 March 2024.
Cryptocurrency rules: The Financial Conduct Authority (FCA) released new consumer advice exploring the risks involved in investing in cryptocurrencies, warning that investees must be prepared
to lose all their money due to sudden market moves, failure of firms, poor segregation of client funds or cyberattacks. The advice also reiterated that cryptocurrency is not regulated in the UK and losses will not be covered by the Financial Services Compensation
Scheme, although marketing of crypto has been regulated since October 2023.
Sustainable
ESG ratings: The
European Council reached an agreement on a proposal for ESG ratings regulation that will aim to boost investor confidence in sustainable products, as well as strengthening the reliability of ESG ratings by improving the transparency of the operations of
ESG ratings providers, making ratings more comparable and preventing conflicts of interests. ESG rating providers will need to be authorised and supervised by ESMA and comply with transparency requirements.